OPC participation in international organizations

The Office of the Privacy Commissioner of Canada (OPC) participates in a number of international privacy protection organizations to address global privacy issues that result from ever-increasing trans-border data flows. These international organizations give the OPC the opportunity to shape and improve the privacy policies and standards around the globe, which in turn leads to better protection for Canadians' personal information.

On this page, you can learn about international groups and organizations the OPC participates in to advance privacy issues.

Organisation for Economic Co-Operation and Development (OECD)

The OECD’s Guidelines on the Protection of Privacy and Transborder Data Flows were developed more than 30 years ago. Although the guidelines have proven remarkably resilient, the world has changed dramatically since then.

Recognizing this, the OECD launched a review of the guidelines in 2011, to coincide with the 30^th anniversary of the Guidelines, to assess whether they are still relevant considering the “changing technologies, markets and user behaviour and the growing importance of digital identities.” The review was conducted by the OECD’s Working Party on Information Security and Privacy (WPISP), now the Working Party on Security and Privacy in the Digital Economy, and was advised and supported by a multi-stakeholder volunteer group chaired by former Commissioner Jennifer Stoddart.

The volunteer group, together with the Working Party Secretariat, considered a wide range of proposals to update the Guidelines. In July 2013, following extensive debate and discussion, the OECD Council adopted revised Guidelines. As well, a “Supplementary Explanatory Memorandum” was prepared to provide context and the rationale for the revisions.

The OPC provided input to the OECD’s current examination of privacy-related issues raised by large-scale data use and analytics. The OPC participated in an expert roundtable on this issue in March 2014.

Asia Pacific Privacy Authorities (APPA)

Our Office is a member of the APPA forum, made up of privacy authorities in the Asia Pacific region. APPA holds two meetings annually where we exchange ideas and best practices about privacy regulation, new technologies and ways to raise awareness of privacy issues.

Association francophone des autorités de protection des données personelles (AFAPDP)

Our Office was instrumental in the creation in 2007 of the organization representing francophone data protection authorities around the world, the AFAPDP. This is a unique forum to reach developing countries in the Francophonie, which are in the process of establishing data protection regimes to protect the privacy rights of their citizens and for the purposes of international trade. Because French is one of Canada’s official languages, and because we have a well-developed privacy protection regime, our Office is well-suited to play a key capacity-building role in AFAPDP. By participating in annual meetings and workshops organized by the AFAPDP, the OPC can offer our knowledge and expertise and affirm privacy as a fundamental right and economic benefit.

Asia-Pacific Economic Cooperation (APEC) Cross-border Privacy Enforcement Arrangement (CPEA)

The APEC Cross-border Privacy Enforcement Arrangement (CPEA) became operational in July 2010.  Our Office helped develop the multilateral cooperation Arrangement. The OPC is a member of the CPEA along with the U.S. Federal Trade Commission and approximately 20 privacy enforcement authorities from other Asia-Pacific economies. The APEC Arrangement is intended to encourage information sharing and facilitate enforcement cooperation. Under this arrangement, the OPC has shared information with, and received information from, other APEC CPEA members that has assisted us in several investigations. Like the bilateral arrangements discussed above, our participation in the APEC CPEA is based on our authority under PIPEDA to cooperate and share information with our foreign counterparts.

Commission for the Control of INTERPOL’s Files

A senior member of the OPC participates in meetings of the Commission for the Control of INTERPOL’s Files (CCF). The CCF serves as an independent watchdog on how INTERPOL lives up to its established standards on the processing of personal information. The CCF has three main functions:

• Providing advice on issues that involve the processing of personal data;
• Carrying out inspections of INTERPOL’s data processing operations; and
• Processing requests for access to INTERPOL's files and dealing with complaints from individuals who assert that their rights have been infringed by INTERPOL.

Participating in the CCF offers our Office an invaluable opportunity to learn about international law enforcement issues and it also allows us to contribute to ensuring that INTERPOL respects privacy protection principles around the world.

Global Privacy Enforcement Network (GPEN)

GPEN is an informal network of privacy enforcement authorities that is intended to promote enforcement cooperation by sharing information about privacy enforcement issues and facilitating effective cross-border privacy enforcement in specific matters.

GPEN is an outcome of a 2007 recommendation of the Organisation for Economic Cooperation and Development (OECD) Council that called for the creation of a network of enforcement authorities. The recommendation was developed with the assistance of a volunteer group chaired by previous Commissioner Jennifer Stoddart, and currently has more than 50 members.

Our Office is a member of the GPEN Management Committee and we coordinated the GPEN Privacy Sweeps in 2013 and 2014. In 2013, 19 privacy enforcement authorities participated, looking at the privacy policies of more than 2,000 websites and apps. In 2014, 27 authorities from around the world examined the collection and use of personal information on mobile apps.